Skills
skills/andvl1/claude-plugin/telegram-mini-apps/Gen Agent Trust Hub

telegram-mini-apps

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references well-known and official packages for the Telegram Mini Apps ecosystem, specifically @telegram-apps/sdk, @telegram-apps/sdk-react, and @telegram-apps/ui.
  • [CREDENTIALS_UNSAFE]: No hardcoded credentials or secrets were detected. The backend code example correctly uses a configuration placeholder (${telegram.bot.token}) for the Telegram Bot Token.
  • [DATA_EXFILTRATION]: The skill correctly identifies that initDataUnsafe should only be used for UI presentation and provides the correct mechanism for sending the signed initData to a backend for secure verification.
  • [COMMAND_EXECUTION]: No dangerous command execution patterns were found. The shell commands provided are limited to standard package installations (npm install).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 12:09 AM